Trojan win 32 bohdf

Solved
g -
philae83 - Posts: 12837 - Status: Security contributor -
Hello,
While I was running a scan with my Spybot, it found Virtumonde and win 32 boh df. I then managed to get rid of Virtumonde by following method 1 on CCM, but my Spybot still detects win 32boh df. There you go, thanks in advance.

143 replies

philae83 - Posts: 12837 - Status: Security contributor - 206
 
hello philo :)

I'll leave it to you, no problem

0
g
 
Here is the report from ComboFix:
ComboFix 07-12-09.1 - Administrateur 2007-12-09 20:07:40.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.186 [GMT 1:00]
Running from: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrateur\Mes documents\CFScript.txt
* Created a new restore point

FILE
C:\DOCUMENTS & SETTING\ADMINSTRAITEUR\LOCALS SETTING\Temp\jwenlkwx.dll
C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT
C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
C:\WINDOWS\system32\civipaus.ini
C:\WINDOWS\system32\geihitjh.ini
C:\WINDOWS\system32\hnbqkqxo.ini
C:\WINDOWS\system32\hwfrlgaw.ini
C:\WINDOWS\system32\ibhuffol.ini
C:\WINDOWS\system32\ijwogqkh.dll
C:\WINDOWS\system32\inrpwsge.ini
C:\WINDOWS\system32\jtomtfkb.dll
C:\WINDOWS\system32\kvtmmlkq.ini
C:\WINDOWS\system32\lhnpcgcg.ini
C:\WINDOWS\system32\lvwxxfkc.ini
C:\WINDOWS\system32\lyshugqj.ini
C:\WINDOWS\system32\mkgjvlar.ini
C:\WINDOWS\system32\mugfmsss.ini
C:\WINDOWS\system32\ncjnhqih.ini
C:\WINDOWS\system32\ncjnhqih.tmp
C:\WINDOWS\system32\ofkjghcu.ini
C:\WINDOWS\system32\pavfyffa.ini
C:\WINDOWS\system32\pcekbgkq.ini
C:\WINDOWS\system32\pfiuwhmc.ini
C:\WINDOWS\system32\pldlpqhn.ini
C:\WINDOWS\system32\qixikaci.ini
C:\WINDOWS\system32\sahyxwbq.ini
C:\WINDOWS\system32\segsthve.dll
C:\WINDOWS\system32\tnpgdyux.ini
C:\WINDOWS\system32\tymyohlc.ini
C:\WINDOWS\system32\uelqtwyo.ini
C:\WINDOWS\system32\vhiirqet.ini
C:\WINDOWS\system32\vtqpjukh.ini
C:\WINDOWS\system32\yauxgwkf.ini
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT
C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
C:\WINDOWS\system32\civipaus.ini
C:\WINDOWS\system32\geihitjh.ini
C:\WINDOWS\system32\hnbqkqxo.ini
C:\WINDOWS\system32\hwfrlgaw.ini
C:\WINDOWS\system32\ibhuffol.ini
C:\WINDOWS\system32\ijwogqkh.dll
C:\WINDOWS\system32\inrpwsge.ini
C:\WINDOWS\system32\jtomtfkb.dll
C:\WINDOWS\system32\kvtmmlkq.ini
C:\WINDOWS\system32\lhnpcgcg.ini
C:\WINDOWS\system32\lvwxxfkc.ini
C:\WINDOWS\system32\lyshugqj.ini
C:\WINDOWS\system32\mkgjvlar.ini
C:\WINDOWS\system32\mugfmsss.ini
C:\WINDOWS\system32\ncjnhqih.ini
C:\WINDOWS\system32\ncjnhqih.tmp
C:\WINDOWS\system32\ofkjghcu.ini
C:\WINDOWS\system32\pavfyffa.ini
C:\WINDOWS\system32\pcekbgkq.ini
C:\WINDOWS\system32\pfiuwhmc.ini
C:\WINDOWS\system32\pldlpqhn.ini
C:\WINDOWS\system32\qixikaci.ini
C:\WINDOWS\system32\sahyxwbq.ini
C:\WINDOWS\system32\segsthve.dll
C:\WINDOWS\system32\tnpgdyux.ini
C:\WINDOWS\system32\tymyohlc.ini
C:\WINDOWS\system32\uelqtwyo.ini
C:\WINDOWS\system32\vhiirqet.ini
C:\WINDOWS\system32\vtqpjukh.ini
C:\WINDOWS\system32\yauxgwkf.ini

.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-09 to 2007-12-09 ))))))))))))))))))))))))))))))))))))
.

2007-12-09 00:42 . 2007-12-09 16:35 2,398 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-09 00:12 . 2007-12-09 16:36 <REP> d-------- C:\SmitfraudFix
2007-12-08 23:45 . 2007-12-08 23:45 <REP> d-------- C:\VundoFix Backups
2007-12-08 23:36 . 2007-12-08 23:36 1,046,702 --a------ C:\SmitfraudFix.exe
2007-12-08 23:27 . 2007-12-08 23:27 <REP> d-------- C:\Program Files\Trend Micro
2007-12-08 22:30 . 2007-12-08 22:30 1,158 --a------ C:\WINDOWS\mozver.dat
2007-12-08 22:27 . 2007-12-08 22:27 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Talkback
2007-12-08 22:26 . 2007-12-08 22:26 0 --a------ C:\WINDOWS\nsreg.dat
2007-12-07 23:37 . 2007-12-08 00:52 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-12-02 23:46 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-12-02 23:46 . 2006-12-08 12:02 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-12-02 23:46 . 2006-11-15 11:38 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-12-02 23:29 . 2007-12-02 23:29 <REP> d-------- C:\Program Files\Sierra Entertainment
2007-11-30 19:53 . 2007-11-30 19:53 <REP> d-------- C:\Program Files\Alcohol Soft

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-09 15:17 --------- d-----w C:\Program Files\Google
2007-12-09 00:52 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Skype
2007-12-07 18:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-02 22:56 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-12-02 22:30 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-30 18:41 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-11-25 22:21 --------- d-----w C:\Program Files\Windows Live Safety Center
2007-11-09 01:55 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\uTorrent
2007-11-07 23:50 24,600 ----a-w C:\WINDOWS\system32\rkmssleb.dll
2007-11-07 00:11 8,540 ----a-w C:\WINDOWS\system32\ckjhbsml.dll
2007-11-06 03:09 61,100 ----a-w C:\WINDOWS\system32\tfyqwvha.dll
2007-11-05 00:29 64,020 ----a-w C:\WINDOWS\system32\threhtfn.dll
2007-11-03 20:16 62,560 ----a-w C:\WINDOWS\system32\iympuxmg.dll
2007-11-02 03:51 61,100 ----a-w C:\WINDOWS\system32\dseibwxj.dll
2001-11-23 04:08 712,704 -c--a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.

((((((((((((((((((((((((((((( snapshot@2007-12-09_18.16.23.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-03-06 14:27:46 162,816 ----a-w C:\WINDOWS\erdnt\09-12-2007\ERDNT.EXE
+ 2007-12-09 19:02:20 12,050,432 ----a-w C:\WINDOWS\erdnt\09-12-2007\Users\00000001\NTUSER.DAT
+ 2007-12-09 19:02:20 122,880 ----a-w C:\WINDOWS\erdnt\09-12-2007\Users\00000002\UsrClass.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-06-06 09:07]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-01 03:41]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" [2006-10-12 03:10]
"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [2004-08-18 08:00]
"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [2004-08-06 03:50]
"Network Associates Error Reporting Service"="C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe" [2004-02-19 13:07]
"Cmaudio"="RunDll32 cmicnfg.cpl" []
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43]
"C-Media Mixer"="Mixer.exe" [2002-10-15 18:00 C:\WINDOWS\mixer.exe]
"C-Media Speaker Configuration"="C:\PROGRA~1\C-Media\WIN_ME\Setup.exe" [2003-01-10 04:31]
"SoundMan"="SOUNDMAN.EXE" [2006-01-11 15:08 C:\WINDOWS\soundman.exe]
"LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 09:45]
"InstallLeader"="" []
"SystemTray"="SysTray.Exe" [2001-08-24 15:00 C:\WINDOWS\system32\systray.exe]
"FmctrlTray"="Fmctrl.EXE" [2001-08-07 10:35 C:\WINDOWS\system32\fmctrl.exe]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-06-06 09:07]
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" [2007-06-29 05:24]

R0 FirePM;McAfee Desktop Firewall Policy Manager Driver;C:\WINDOWS\system32\Drivers\FirePM.sys
R1 FireTDI;McAfee Desktop Firewall TDI Driver;\??\C:\WINDOWS\system32\Drivers\FireTDI.sys
R1 NaiAvTdi1;NaiAvTdi1;C:\WINDOWS\system32\drivers\mvstdi5x.sys
R2 FireHook;McAfee Desktop Firewall Network Driver;C:\WINDOWS\system32\DRIVERS\firehook.sys
R3 firelm01;firelm01;\??\C:\WINDOWS\system32\drivers\firelm01.sys
R3 gameport;Triplex Ma-La-Zi PCI Joystick;C:\WINDOWS\system32\DRIVERS\fmjoy.sys
R3 wdm_fm801;Triplex Ma-La-Zi PCI Audio (WDM);C:\WINDOWS\system32\drivers\fm801.sys
S3 aaudstum;aaudstum;\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\aaudstum.sys
S3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS
S3 TxNtSys;TxNtSys;\??\C:\Triplex\Sound\TxNtSys.sys
S3 USB28xxBGA;Pinnacle PCTV DVB-T USB Stick;C:\WINDOWS\system32\DRIVERS\emBDA.sys
S3 USB28xxOEM;USB 28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d395e3b4-c8e9-11db-9b28-000b6b985b31}]
\Shell\AutoRun\command - RavMon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{da3c43a5-436f-11db-9a30-000b6b6d5b6e}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-28 10:14:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.3156]
-> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jwenlkwx.dll
.
**************************************************************************

catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-09 20:13:24
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-09 20:14:42 - machine was rebooted
C:\ComboFix2.txt ... 2007-12-09 18:17
.
--- E O F ---
(I did the drag-and-drop with CFScript)
0
philae83 - Posts: 12837 - Status: Security contributor - 206
 
Post a new HijackThis report and have the requested files analyzed on VIRUS TOTAL

Don't forget to post the generated reports, please
0
g
 
For the files, can I do a copy-paste to put them on VirusTotal?
0

philae83 - Posts: 12837 - Status: Security contributor - 206
 
No, you look for it by clicking Browse

Everything is explained in my post and you also have a tutorial
0
g
 
This is for the first file indicated:
Fichier d3dx9_32.dll reçu le 2007.12.09 20:50:25 (CET)
Résultat: 0/32 (0%)

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2007.12.8.0 2007.12.07 -
AntiVir 7.6.0.40 2007.12.07 -
Authentium 4.93.8 2007.12.08 -
Avast 4.7.1098.0 2007.12.09 -
AVG 7.5.0.503 2007.12.09 -
BitDefender 7.2 2007.12.09 -
CAT-QuickHeal 9.00 2007.12.08 -
ClamAV 0.91.2 2007.12.09 -
DrWeb 4.44.0.09170 2007.12.09 -
eSafe 7.0.15.0 2007.12.09 -
eTrust-Vet 31.3.5361 2007.12.08 -
Ewido 4.0 2007.12.09 -
FileAdvisor 1 2007.12.09 -
Fortinet 3.14.0.0 2007.12.09 -
F-Prot 4.4.2.54 2007.12.08 -
F-Secure 6.70.13030.0 2007.12.09 -
Ikarus T3.1.1.12 2007.12.09 -
Kaspersky 7.0.0.125 2007.12.09 -
McAfee 5181 2007.12.08 -
Microsoft 1.3007 2007.12.09 -
NOD32v2 2711 2007.12.07 -
Norman 5.80.02 2007.12.07 -
Panda 9.0.0.4 2007.12.09 -
Prevx1 V2 2007.12.09 -
Rising 20.21.42.00 2007.12.07 -
Sophos 4.24.0 2007.12.09 -
Sunbelt 2.2.907.0 2007.12.07 -
Symantec 10 2007.12.09 -
TheHacker 6.2.9.154 2007.12.09 -
VBA32 3.12.2.5 2007.12.07 -
VirusBuster 4.3.26:9 2007.12.09 -
Webwasher-Gateway 6.6.2 2007.12.08 -
Information additionnelle
File size: 3426072 bytes
MD5: 26af232140c88b42d92a88f2198edf6a
SHA1: b62aed3f71d8963227e5021c2222192873ce753b
PEiD: -
0
g
 
This one is the 2nd file analyzed by VirusTotal:
Fichier xactengine2_5.dll reçu le 2007.12.09 20:56:45 (CET)
Résultat: 0/32 (0%)

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2007.12.8.0 2007.12.07 -
AntiVir 7.6.0.40 2007.12.07 -
Authentium 4.93.8 2007.12.08 -
Avast 4.7.1098.0 2007.12.09 -
AVG 7.5.0.503 2007.12.09 -
BitDefender 7.2 2007.12.09 -
CAT-QuickHeal 9.00 2007.12.08 -
ClamAV 0.91.2 2007.12.09 -
DrWeb 4.44.0.09170 2007.12.09 -
eSafe 7.0.15.0 2007.12.09 -
eTrust-Vet 31.3.5361 2007.12.08 -
Ewido 4.0 2007.12.09 -
FileAdvisor 1 2007.12.09 -
Fortinet 3.14.0.0 2007.12.09 -
F-Prot 4.4.2.54 2007.12.08 -
F-Secure 6.70.13030.0 2007.12.09 -
Ikarus T3.1.1.12 2007.12.09 -
Kaspersky 7.0.0.125 2007.12.09 -
McAfee 5181 2007.12.08 -
Microsoft 1.3007 2007.12.09 -
NOD32v2 2711 2007.12.07 -
Norman 5.80.02 2007.12.07 -
Panda 9.0.0.4 2007.12.09 -
Prevx1 V2 2007.12.09 -
Rising 20.21.42.00 2007.12.07 -
Sophos 4.24.0 2007.12.09 -
Sunbelt 2.2.907.0 2007.12.07 -
Symantec 10 2007.12.09 -
TheHacker 6.2.9.154 2007.12.09 -
VBA32 3.12.2.5 2007.12.07 -
VirusBuster 4.3.26:9 2007.12.09 -
Webwasher-Gateway 6.6.2 2007.12.08 -
Information additionnelle
File size: 251672 bytes
MD5: 86c93789e9006f1ac47ed9dd47d4c8a1
SHA1: e9de46eb68271018aa31c71ef89d1ddef19edf7b
PEiD: -
0
g
 
Here is the new HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04, on 09/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\WINDOWS\system32\Fmctrl.EXE
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireTray.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [C-Media Speaker Configuration] C:\PROGRA~1\C-Media\WIN_ME\Setup.exe /SPEAKER
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [FmctrlTray] Fmctrl.EXE
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: McAfee Desktop Firewall Tray.lnk = ?
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\Skype4COM.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: McAfee Desktop Firewall Service (FireSvc) - Networks Associates Technology, Inc. - C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
0
g
 
I hope I didn't make a mistake?
0
philae83 - Posts: 12837 - Status: Security contributor - 206
 
No, but we need to keep going, not everything is clean
0
philae83 - Posts: 12837 - Status: Security contributor - 206
 
* Run HijackThis, "Do a system scan only", then check these lines:

O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

* With all applications closed and OFFLINE, click FIX CHECKED

NEXT
It's not finished, but I would need:

Download SREng (by Smallfrogs) from this link:
http://www.kztechs.com/eng/download.html

Extract all of its contents to your Desktop
From the sreng2 folder that is now on your Desktop, double-click SREng.exe to launch the tool
Click Smart Scan
Then click the [Scan] button

When it completes, click the [Save Reports] button
Save the report to your Desktop
Copy/paste the contents of the SREnglLOG.log file into your next reply, please.


0
g
 
Once I've checked the lines above, what do I do?
Why is the BitDefender link there?
0
philae83 - Posts: 12837 - Status: Security contributor - 206
 
That corresponds to the scan you did online at BitDefender (ActiveX)

Do what I asked you, namely SRENG
0
g
 
OK, here is the report:
[CODE]

2007-12-09,21:24:30

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe> [(Verified)Google Inc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SunJavaUpdateSched><"C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"> [Sun Microsystems, Inc.]
<ShStatEXE><"C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE> [Network Associates, Inc.]
<McAfeeUpdaterUI><"C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey> [Network Associates, Inc.]
<Network Associates Error Reporting Service><"C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"> [Network Associates, Inc.]
<Cmaudio><RunDll32 cmicnfg.cpl,CMICtrlWnd> [N/A]
<ATICCC><"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay> [N/A]
<C-Media Mixer><Mixer.exe /startup> [C-Media Electronic Inc. (www.cmedia.com.tw)]
<C-Media Speaker Configuration><C:\PROGRA~1\C-Media\WIN_ME\Setup.exe /SPEAKER> []
<SoundMan><SOUNDMAN.EXE> [Realtek Semiconductor Corp.]
<LVCOMS><C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<InstallLeader><> [N/A]
<SystemTray><SysTray.Exe> [(Verified)Microsoft Windows Publisher]
<FmctrlTray><Fmctrl.EXE> [Triplex Corp.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]

==================================
Startup Folders
[McAfee Desktop Firewall Tray]
<C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Desktop Firewall Tray.lnk --> C:\PROGRA~1\Network Associates\McAfee Desktop Firewall for Windows XP\FireTray.exe [Networks Associates Technology, Inc.]><N>
[NkbMonitor.exe]
<C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NkbMonitor.exe.lnk --> C:\PROGRA~1\Nikon\PictureProject\NkbMonitor.exe [Nikon Corporation]><N>
[ERUNT AutoBackup]
<C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk --> C:\PROGRA~1\ERUNT\AUTOBACK.EXE [N/A]><N>
[Webshots]
<C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Webshots.lnk --> C:\PROGRA~1\Webshots\Launcher.exe [N/A]><N>

==================================
Services
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
<"C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple, Inc.>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
<C:\WINDOWS\system32\ati2sgag.exe><>
[McAfee Desktop Firewall Service / FireSvc][Running/Auto Start]
<"C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe"><Networks Associates Technology, Inc.>
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe"><Macrovision Corporation>
[McAfee Framework Service / McAfeeFramework][Running/Auto Start]
<C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart><Network Associates, Inc.>
[Network Associates McShield / McShield][Running/Auto Start]
<"C:\Program Files\Network Associates\VirusScan\Mcshield.exe"><Network Associates, Inc.>
[Network Associates Task Manager / McTaskManager][Running/Auto Start]
<"C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe"><Network Associates, Inc.>

==================================
Drivers
[aaudstum / aaudstum][Stopped/Manual Start]
<\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\aaudstum.sys><N/A>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Stopped/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[atksgt / atksgt][Running/Auto Start]
<system32\DRIVERS\atksgt.sys><N/A>
[AVG Anti-Rootkit / AVG Anti-Rootkit][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\avgarkt.sys><GRISOFT, s.r.o.>
[Avg Anti-Rootkit Clean Driver / AvgArCln][Running/System Start]
<System32\DRIVERS\AvgArCln.sys><GRISOFT, s.r.o.>
[catchme / catchme][Running/Manual Start]
<\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys><N/A>
[C-Media PCI Audio Driver (WDM) / cmpci][Stopped/Manual Start]
<system32\drivers\cmaudio.sys><C-Media Inc>
[C-Media WDM Audio Interface / cmuda][Stopped/Manual Start]
<system32\drivers\cmuda.sys><C-Media Inc>
[dtscsi / dtscsi][Running/Manual Start]
<\SystemRoot\System32\Drivers\dtscsi.sys><N/A>
[Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet / FETNDIS][Running/Manual Start]
<system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[McAfee Desktop Firewall Network Driver / FireHook][Running/Auto Start]
<system32\DRIVERS\firehook.sys><Networks Associates Technology, Inc.>
[firelm01 / firelm01][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\firelm01.sys><N/A>
[McAfee Desktop Firewall Policy Manager Driver / FirePM][Running/Boot Start]
<\SystemRoot\system32\Drivers\FirePM.sys><Networks Associates Technology, Inc.>
[McAfee Desktop Firewall TDI Driver / FireTDI][Running/System Start]
<\??\C:\WINDOWS\system32\Drivers\FireTDI.sys><Networks Associates Technology, Inc.>
[Triplex Ma-La-Zi PCI Joystick / gameport][Running/Manual Start]
<system32\DRIVERS\fmjoy.sys><ForteMedia, Inc.>
[lirsgt / lirsgt][Running/Auto Start]
<system32\DRIVERS\lirsgt.sys><N/A>
[NaiAvFilter1 / NaiAvFilter1][Running/Manual Start]
<system32\drivers\naiavf5x.sys><Network Associates, Inc.>
[NaiAvTdi1 / NaiAvTdi1][Running/System Start]
<system32\drivers\mvstdi5x.sys><Network Associates, Inc.>
[Logitech QuickCam Express(PID_0920) / PID_0920][Stopped/Manual Start]
<system32\DRIVERS\LV532AV.SYS><Logitech Inc.>
[802.11g USB 2.0 adapter / PRISM_A02][Stopped/Manual Start]
<system32\DRIVERS\PRISMA02.sys><N/A>
[Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Secdrv / Secdrv][Running/Auto Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[TxNtSys / TxNtSys][Stopped/Manual Start]
<\??\C:\Triplex\Sound\TxNtSys.sys><N/A>
[Pinnacle PCTV DVB-T USB Stick / USB28xxBGA][Stopped/Manual Start]
<system32\DRIVERS\emBDA.sys><eMPIA Technology, Inc.>
[USB 28xx OEM Filter / USB28xxOEM][Stopped/Manual Start]
<system32\DRIVERS\emOEM.sys><eMPIA Technology, Inc.>
[Scientific-Atlanta USB Cable Modem Driver / USBCM][Stopped/Manual Start]
<system32\DRIVERS\Sacm2A.sys><>
[ViaIde / ViaIde][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[Triplex Ma-La-Zi PCI Audio (WDM) / wdm_fm801][Running/Manual Start]
<system32\drivers\fm801.sys><ForteMedia, Inc.>
[Codec Teletext standard / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[EntDrv51 / EntDrv51][Running/Manual Start]
<\??\C:\WINDOWS\system32\drivers\EntDrv51.sys><Network Associates, Inc>

==================================
Browser Add-ons
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Skype add-on (mastermind)]
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} <C:\PROGRA~1\Skype\Phone\IEPlugin\SkypeIEPlugin.dll, Skype Technologies S.A.>
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO.dll, N/A>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll, Sun Microsystems, Inc.>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll, Google Inc.>
[Skype add-on (button)]
{77BF5300-1474-4EC7-9980-D32B190E9B07} <C:\PROGRA~1\Skype\Phone\IEPlugin\SkypeIEPlugin.dll, Skype Technologies S.A.>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\macromed\Director\SwDir.dll, Adobe Systems, Inc.>
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\macromed\Director\SwDir.dll, Adobe Systems, Inc.>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[Skype add-on (mastermind)]
{22BF413B-C6D2-4D91-82A9-A0F997BA588C} <C:\PROGRA~1\Skype\Phone\IEPlugin\SkypeIEPlugin.dll, Skype Technologies S.A.>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[Shockwave ActiveX Control]
{233C1507-6A77-46A4-9443-F871F945D258} <C:\WINDOWS\system32\Macromed\Director\swdir.dll, Adobe Systems, Inc.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO.dll, N/A>
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\K-Lite Codec Pack\QuickTime\QTPlugin.ocx, Apple Inc.>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll, Sun Microsystems, Inc.>
[Skype add-on (button)]
{77BF5300-1474-4EC7-9980-D32B190E9B07} <C:\PROGRA~1\Skype\Phone\IEPlugin\SkypeIEPlugin.dll, Skype Technologies S.A.>
[Navigateur Web Microsoft]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll, Google Inc.>
[SweetIM For Internet Explorer]
{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} <C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll, Macrogaming>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Fichiers communs\System\msadc\msadco.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[Download all links using BitComet]
<res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm, N/A>
[Download all videos using BitComet]
<res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm, N/A>
[Download link using &BitComet]
<res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm, N/A>

==================================
Running Processes
[PID: 612 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 660 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 688 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4129]
[C:\WINDOWS\system32\WgaLogon.dll] [Microsoft Corporation, 1.7.0018.5]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 736 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240]
[PID: 748 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240]
[PID: 904 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4129]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2500]
[PID: 916 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240]
[PID: 996 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240]
[PID: 1092 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240]
[PID: 1136 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240]
[PID: 1188 / SERVICE LOCAL][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240]
[PID: 1520 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1700 / Administrateur][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4129]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2500]
[PID: 1796 / Administrateur][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\WPDShServiceObj.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceTypes.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240]
[C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.1.2003110300]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Network Associates\VirusScan\shext.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\RES09\ShExtRes.dll] [Network Associates, Inc., 8.0.0.912]
[PID: 1860 / SYSTEM][C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple, Inc., 1, 14, 0, 0]
[PID: 1932 / SYSTEM][C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireSvc.exe] [Networks Associates Technology, Inc., 8.0]
[C:\WINDOWS\system32\FireCore.dll] [Networks Associates Technology, Inc., 2.5]
[C:\WINDOWS\system32\FireCNL.dll] [Networks Associates Technology, Inc., 2.5]
[C:\WINDOWS\system32\FireCUI.dll] [Networks Associates Technology, Inc., 2.5]
[C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\Resource\0409\NetShrRL.dll] [Networks Associates Technology, Inc., 8.0]
[PID: 2036 / SYSTEM][C:\Program Files\Network Associates\Common Framework\FrameworkService.exe] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\nailog.dll] [Network Associates, Inc., 3.5.0.474]
[C:\Program Files\Network Associates\Common Framework\naXML.dll] [Network Associates, Inc., 3.5.0.474]
[C:\Program Files\Network Associates\Common Framework\naCmnLib.dll] [Network Associates, Inc., 3.5.0.474]
[C:\Program Files\Network Associates\Common Framework\applib.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\0409\AgentRes.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\Logging.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\InternetManager.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\naInet.dll] [Network Associates, Inc., 3.5.0.474]
[C:\Program Files\Network Associates\Common Framework\UserSpace.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\Management.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\cmalib.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\naPolicyManager.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\PsApi.dll] [Microsoft Corporation, 4.00]
[C:\Program Files\Network Associates\Common Framework\ScriptSubSys.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\UpdateSubSys.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\Scheduler.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\TCSubSys.dll] [Network Associates, Inc., 3.5.0.412]
[C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240]
[PID: 536 / SYSTEM][C:\Program Files\Network Associates\VirusScan\Mcshield.exe] [Network Associates, Inc., 8.0.0.251]
[C:\Program Files\Network Associates\VirusScan\Res09\McShield.DLL] [Network Associates, Inc., 8.0.0.251]
[C:\Program Files\Network Associates\VirusScan\FTL.Dll] [Network Associates, Inc., 8.0.0.133]
[C:\Program Files\Network Associates\VirusScan\naiann.dll] [Network Associates, Inc., 8.0.0.251]
[C:\Program Files\Network Associates\VirusScan\mytilus.dll] [Network Associates, Inc., 8.0.0.251]
[C:\Program Files\Network Associates\Common Framework\GenEvtInf.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\VirusScan\NaEventU.DLL] [Network Associates, Inc., 8.0.0.342]
[C:\Program Files\Network Associates\VirusScan\Res09\naEvtRes.dll] [Network Associates, Inc., 8.0.0.342]
[C:\Program Files\Network Associates\VirusScan\VSIDSvr.dll] [Network Associates, Inc., 8.0.0.251]
[C:\Program Files\Fichiers communs\Network Associates\Engine\MCSCAN32.DLL] [McAfee, Inc., 5.2.00]
[C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\VirusScan\EntSrv.Dll] [Network Associates, Inc, 8.0.0.240]
[c:\WINDOWS\system32\msxml4.dll] [Microsoft Corporation, 4.20.9848.0]
[PID: 576 / SYSTEM][C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\SHUTIL.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\naiwmain.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\naicondl.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\RES09\VsTskMgr.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\MIDUtil.Dll] [Network Associates, Inc., 8.0.0.145]
[PID: 1124 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240]
[PID: 1328 / SYSTEM][C:\PROGRA~1\Network Associates\Common Framework\naPrdMgr.exe] [Network Associates, Inc., 3.5.0.412]
[C:\PROGRA~1\Network Associates\Common Framework\nailog.dll] [Network Associates, Inc., 3.5.0.474]
[C:\PROGRA~1\Network Associates\Common Framework\naCmnLib.dll] [Network Associates, Inc., 3.5.0.474]
[C:\PROGRA~1\Network Associates\Common Framework\naXML.dll] [Network Associates, Inc., 3.5.0.474]
[C:\PROGRA~1\Network Associates\Common Framework\0409\AgentRes.dll] [Network Associates, Inc., 3.5.0.412]
[C:\WINDOWS\system32\FireePO.dll] [Networks Associates Technology, Inc., 8.0]
[C:\WINDOWS\system32\FireCL.dll] [Networks Associates Technology, Inc., 8.0]
[C:\WINDOWS\system32\FireCore.dll] [Networks Associates Technology, Inc., 2.5]
[C:\WINDOWS\system32\FireCNL.dll] [Networks Associates Technology, Inc., 2.5]
[C:\WINDOWS\system32\FireCUI.dll] [Networks Associates Technology, Inc., 2.5]
[C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\Resource\0409\CLibRL.dll] [Networks Associates Technology, Inc., 8.0]
[C:\Program Files\Network Associates\VirusScan\VsPlugin.dll] [Network Associates, Inc., 8.0.0.912]
[C:\WINDOWS\system32\EntApi.dll] [Network Associates, Inc, 8.0.0.240]
[PID: 1300 / Administrateur][C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe] [Sun Microsystems, Inc., 5.0.90.3]
[PID: 1292 / Administrateur][C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\SHUTIL.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\naiwmain.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\RES09\shstat.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\RES09\Product.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\RES09\McShield.dll] [Network Associates, Inc., 8.0.0.251]
[C:\Program Files\Network Associates\VirusScan\RES09\Shutilrc.dll] [Network Associates, Inc., 8.0.0.912]
[C:\Program Files\Network Associates\VirusScan\Graphics.dll] [Network Associates, Inc., 8.0.0.912]
[PID: 1336 / Administrateur][C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\nailog.dll] [Network Associates, Inc., 3.5.0.474]
[C:\Program Files\Network Associates\Common Framework\naCmnLib.dll] [Network Associates, Inc., 3.5.0.474]
[C:\Program Files\Network Associates\Common Framework\naXML.dll] [Network Associates, Inc., 3.5.0.474]
[C:\Program Files\Network Associates\Common Framework\0409\UpdRes.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\0409\AgentRes.dll] [Network Associates, Inc., 3.5.0.412]
[C:\Program Files\Network Associates\Common Framework\SecureFrameworkFactory.dll] [Network Associates, Inc., 3.5.0.412]
[PID: 1428 / Administrateur][C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe] [Network Associates, Inc., 2.0.275.0]
[PID: 1644 / Administrateur][C:\Program Files\ATI Technologies\ATI.ACE\cli.exe] [ATI Technologies Inc., 1.11.0.0]
[C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.253 (QFE.050727-2500)]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll] [Microsoft Corporation, 1.1.4322.2407]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll] [Microsoft Corporation, 1.1.4322.2407]
[c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_22ffebde\mscorlib.dll] [N/A, ]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll] [Microsoft Corporation, 1.1.4322.2407]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL] [Microsoft Corporation, 1.1.4322.2407]
[c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_88fc3b69\system.windows.forms.dll] [N/A, ]
[c:\program files\ati technologies\ati.ace\cli.implementation.dll] [ATI Technologies Inc., 1.2.2217.17118]
[c:\program files\ati technologies\ati.ace\log.foundation.dll] [ATI Technologies Inc., 1.2.2147.29141]
[c:\program files\ati technologies\ati.ace\cli.foundation.dll] [ATI Technologies Inc., 1.2.2147.29141]
[c:\program files\ati technologies\ati.ace\log.foundation.service.dll] [ATI Technologies Inc., 1.2.2217.17268]
[c:\program files\ati technologies\ati.ace\log.foundation.shared.dll] [ATI Technologies Inc., 1.2.2147.29163]
[c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll] [Microsoft Corporation, 1.1.4322.2407]
[c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_c1c4e33e\system.dll] [N/A, ]
[c:\program files\ati technologies\ati.ace\cli.foundation.xmanifestation.dll] [ATI Technologies Inc., 1.2.2217.17268]
[c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_cbdce1b3\system.xml.dll] [N/A, ]
[c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\program files\ati technologies\ati.ace\cli.component.runtime.dll] [ATI Technologies Inc., 1.2.2217.17269]
[c:\program files\ati technologies\ati.ace\aticccom.dll] [ATI Technologies Inc., 1.0.0.0]
[c:\program files\ati technologies\ati.ace\aem.foundation.dll] [ATI Technologies Inc., 1.2.2147.29141]
[c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_088bf056\system.drawing.dll] [N/A, ]
[c:\program files\ati technologies\ati.ace\cli.caste.graphics.shared.dll] [ATI Technologies Inc., 1.2.2147.29143]
[c:\program files\ati technologies\ati.ace\cli.caste.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17263]
[c:\program files\ati technologies\ati.ace\cli.component.runtime.shared.dll] [ATI Technologies Inc., 1.2.2147.29143]
[c:\program files\ati technologies\ati.ace\dem.foundation.dll] [ATI Technologies Inc., 1.2.2147.29141]
[c:\program files\ati technologies\ati.ace\dem.graphics.demosinfo.dll] [ATI Technologies Inc., 1.2.2147.29147]
[c:\program files\ati technologies\ati.ace\dem.graphics.demosadapterinfo.dll] [ATI Technologies Inc., 1.2.2159.16348]
[c:\program files\ati technologies\ati.ace\dem.graphics.dematiadapterinfo.dll] [ATI Technologies Inc., 1.2.2147.29155]
[c:\program files\ati technologies\ati.ace\dem.graphics.demdriversettings.dll] [ATI Technologies Inc., 1.2.2147.29143]
[c:\program files\ati technologies\ati.ace\dem.graphics.displaysmanager.shared.dll] [ATI Technologies Inc., 1.2.2147.29142]
[c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll] [Microsoft Corporation, 1.1.4322.2407]
[c:\program files\ati technologies\ati.ace\atidemgr.dll] [ATI Technologies Inc., 1.2.2217.17103]
[c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll] [Microsoft Corporation, 1.1.4322.2032]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll] [Microsoft Corporation, 1.1.4322.2032]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\perfcounter.dll] [Microsoft Corporation, 1.1.4322.2032]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll] [Microsoft Corporation, 1.1.4322.2407]
[c:\program files\ati technologies\ati.ace\dem.graphics.demosmodeinfo.dll] [ATI Technologies Inc., 1.2.2147.29149]
[c:\program files\ati technologies\ati.ace\dem.graphics.dematidisplaysmanagersettings.dll] [ATI Technologies Inc., 1.2.2147.29150]
[c:\program files\ati technologies\ati.ace\dem.graphics.demverylargedesktopsettings.dll] [ATI Technologies Inc., 1.2.2147.29146]
[c:\program files\ati technologies\ati.ace\cli.aspect.multivpu2.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17153]
[c:\program files\ati technologies\ati.ace\cli.aspect.multivpu2.graphics.shared.dll] [ATI Technologies Inc., 1.2.2182.27456]
[c:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17173]
[c:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.shared.dll] [ATI Technologies Inc., 1.2.2182.27452]
[c:\program files\ati technologies\ati.ace\cli.aspect.verylargedesktop.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17153]
[c:\program files\ati technologies\ati.ace\cli.aspect.verylargedesktop.graphics.shared.dll] [ATI Technologies Inc., 1.2.2147.29147]
[c:\program files\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17190]
[c:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17187]
[c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17157]
[c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.shared.dll] [ATI Technologies Inc., 1.2.2147.29158]
[c:\program files\ati technologies\ati.ace\dem.graphics.demdisplayscoloursettings.dll] [ATI Technologies Inc., 1.2.2147.29145]
[c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17217]
[c:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.shared.dll] [ATI Technologies Inc., 1.2.2147.29146]
[c:\program files\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17203]
[c:\program files\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.shared.dll] [ATI Technologies Inc., 1.2.2147.29166]
[c:\program files\ati technologies\ati.ace\dem.graphics.mmdeintlacingsettings.dll] [ATI Technologies Inc., 1.2.2147.29167]
[c:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17268]
[c:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.runtime.shared.dll] [ATI Technologies Inc., 1.2.2147.29149]
[c:\program files\ati technologies\ati.ace\dem.graphics.videooverlay.shared.dll] [ATI Technologies Inc., 1.2.2147.29142]
[c:\program files\ati technologies\ati.ace\cli.aspect.smartgart.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17184]
[c:\program files\ati technologies\ati.ace\dem.graphics.demsmartgartsettings.dll] [ATI Technologies Inc., 1.2.2147.29146]
[c:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17177]
[c:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.shared.dll] [ATI Technologies Inc., 1.2.2147.29145]
[c:\program files\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17175]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17236]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecrt2.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17162]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17227]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.shared.dll] [ATI Technologies Inc., 1.2.2147.29168]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17157]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.shared.dll] [ATI Technologies Inc., 1.2.2147.29148]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17232]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.shared.dll] [ATI Technologies Inc., 1.2.2169.27643]
[c:\program files\ati technologies\ati.ace\cli.aspect.customformats.graphics.shared.dll] [ATI Technologies Inc., 1.2.2147.29144]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.runtime.dll] [ATI Technologies Inc., 1.2.2217.17165]
[c:\program files\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.shared.dll] [ATI Technologies Inc., 1.2.2169.27620]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%System
0
philae83 Posts 12837 Registration date   Status Security contributor Last activity   206
 
hi again

* Download CCleaner.

https://www.pcastuces.com/logitheque/ccleaner.htm

Install it in a dedicated folder.

During installation, uncheck:

--- the two "Add the option ... " boxes

--- Check for updates

--- Add the CCleaner Yahoo! Toolbar

* Run CCleaner for a full cleanup.

and

run ComboFix again and post the new report, along with a new HijackThis report
(easier for me, otherwise I struggle to find the right reports in this thread)
thanks


* Double-click combofix.exe.

* Press the Y (Yes) key to start the scan.

* When the scan is complete, a report will appear. Copy and paste this report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt
0
g
 
In CCleaner, should I have it search for errors in the registry?
0
philae83 Posts 12837 Registration date   Status Security contributor Last activity   206
 
We had downloaded ERUNT, I think, hadn't we?
Yes, you can do that too, then.
0
g
 
Yes, and also, should I check the advanced options in the cleaner?
0
philae83 Posts 12837 Registration date   Status Security contributor Last activity   206
 
No
0
g
 
I restarted my PC manually because I no longer had Internet access after running a scan with ComboFix. Is that normal? I'll send you the reports right away.
0
g
 
ComboFix 07-12-09.1 - Administrateur 2007-12-09 21:52:02.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.109 [GMT 1:00]
Running from: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
.

((((((((((((((((((((((((((((( Fichiers créés 2007-11-09 to 2007-12-09 ))))))))))))))))))))))))))))))))))))
.

2007-12-09 21:43 . 2007-12-09 21:43 <REP> d-------- C:\Program Files\CCleaner
2007-12-09 00:42 . 2007-12-09 16:35 2,398 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-09 00:12 . 2007-12-09 16:36 <REP> d-------- C:\SmitfraudFix
2007-12-08 23:45 . 2007-12-08 23:45 <REP> d-------- C:\VundoFix Backups
2007-12-08 23:36 . 2007-12-08 23:36 1,046,702 --a------ C:\SmitfraudFix.exe
2007-12-08 23:27 . 2007-12-08 23:27 <REP> d-------- C:\Program Files\Trend Micro
2007-12-08 22:30 . 2007-12-08 22:30 1,158 --a------ C:\WINDOWS\mozver.dat
2007-12-08 22:27 . 2007-12-08 22:27 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Talkback
2007-12-08 22:26 . 2007-12-08 22:26 0 --a------ C:\WINDOWS\nsreg.dat
2007-12-07 23:37 . 2007-12-09 21:17 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-12-02 23:46 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-12-02 23:46 . 2006-12-08 12:02 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-12-02 23:46 . 2006-11-15 11:38 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-12-02 23:29 . 2007-12-02 23:29 <REP> d-------- C:\Program Files\Sierra Entertainment
2007-11-30 19:53 . 2007-11-30 19:53 <REP> d-------- C:\Program Files\Alcohol Soft

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-09 20:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-09 15:17 --------- d-----w C:\Program Files\Google
2007-12-09 00:52 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Skype
2007-12-02 22:56 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-12-02 22:30 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-30 18:41 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-11-25 22:21 --------- d-----w C:\Program Files\Windows Live Safety Center
2007-11-09 01:55 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\uTorrent
2007-11-07 23:50 24,600 ----a-w C:\WINDOWS\system32\rkmssleb.dll
2007-11-07 00:11 8,540 ----a-w C:\WINDOWS\system32\ckjhbsml.dll
2007-11-06 03:09 61,100 ----a-w C:\WINDOWS\system32\tfyqwvha.dll
2007-11-05 00:29 64,020 ----a-w C:\WINDOWS\system32\threhtfn.dll
2007-11-03 20:16 62,560 ----a-w C:\WINDOWS\system32\iympuxmg.dll
2007-11-02 03:51 61,100 ----a-w C:\WINDOWS\system32\dseibwxj.dll
2001-11-23 04:08 712,704 -c--a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.

((((((((((((((((((((((((((((( snapshot@2007-12-09_18.16.23.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-03-06 14:27:46 162,816 ----a-w C:\WINDOWS\erdnt\09-12-2007\ERDNT.EXE
+ 2007-12-09 19:02:20 12,050,432 ----a-w C:\WINDOWS\erdnt\09-12-2007\Users\00000001\NTUSER.DAT
+ 2007-12-09 19:02:20 122,880 ----a-w C:\WINDOWS\erdnt\09-12-2007\Users\00000002\UsrClass.dat
+ 2005-03-06 14:27:46 162,816 ----a-w C:\WINDOWS\erdnt\AutoBackup\2007-12-09\ERDNT.EXE
+ 2007-12-09 19:12:58 12,050,432 ----a-w C:\WINDOWS\erdnt\AutoBackup\2007-12-09\Users\00000001\NTUSER.DAT
+ 2007-12-09 19:12:58 122,880 ----a-w C:\WINDOWS\erdnt\AutoBackup\2007-12-09\Users\00000002\UsrClass.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-01 03:41]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" [2006-10-12 03:10]
"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [2004-08-18 08:00]
"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [2004-08-06 03:50]
"Network Associates Error Reporting Service"="C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe" [2004-02-19 13:07]
"Cmaudio"="RunDll32 cmicnfg.cpl" []
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43]
"C-Media Mixer"="Mixer.exe" [2002-10-15 18:00 C:\WINDOWS\mixer.exe]
"C-Media Speaker Configuration"="C:\PROGRA~1\C-Media\WIN_ME\Setup.exe" [2003-01-10 04:31]
"SoundMan"="SOUNDMAN.EXE" [2006-01-11 15:08 C:\WINDOWS\soundman.exe]
"LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 09:45]
"InstallLeader"="" []
"SystemTray"="SysTray.Exe" [2001-08-24 15:00 C:\WINDOWS\system32\systray.exe]
"FmctrlTray"="Fmctrl.EXE" [2001-08-07 10:35 C:\WINDOWS\system32\fmctrl.exe]

C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE [2005-03-06 15:26:48]
Webshots.lnk - C:\Program Files\Webshots\Launcher.exe [2006-03-01 00:14:30]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
McAfee Desktop Firewall Tray.lnk - C:\Program Files\Network Associates\McAfee Desktop Firewall for Windows XP\FireTray.exe [2006-02-28 22:48:26]
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [2006-09-13 23:24:08]

R0 FirePM;McAfee Desktop Firewall Policy Manager Driver;C:\WINDOWS\system32\Drivers\FirePM.sys
R1 FireTDI;McAfee Desktop Firewall TDI Driver;\??\C:\WINDOWS\system32\Drivers\FireTDI.sys
R1 NaiAvTdi1;NaiAvTdi1;C:\WINDOWS\system32\drivers\mvstdi5x.sys
R2 FireHook;McAfee Desktop Firewall Network Driver;C:\WINDOWS\system32\DRIVERS\firehook.sys
R3 firelm01;firelm01;\??\C:\WINDOWS\system32\drivers\firelm01.sys
R3 gameport;Triplex Ma-La-Zi PCI Joystick;C:\WINDOWS\system32\DRIVERS\fmjoy.sys
R3 wdm_fm801;Triplex Ma-La-Zi PCI Audio (WDM);C:\WINDOWS\system32\drivers\fm801.sys
S3 aaudstum;aaudstum;\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\aaudstum.sys
S3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS
S3 TxNtSys;TxNtSys;\??\C:\Triplex\Sound\TxNtSys.sys
S3 USB28xxBGA;Pinnacle PCTV DVB-T USB Stick;C:\WINDOWS\system32\DRIVERS\emBDA.sys
S3 USB28xxOEM;USB 28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d395e3b4-c8e9-11db-9b28-000b6b985b31}]
\Shell\AutoRun\command - RavMon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{da3c43a5-436f-11db-9a30-000b6b6d5b6e}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-28 10:14:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
I hope this is the right one, because I have 3 of them

catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-09 21:53:57
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-09 21:55:01
C:\ComboFix2.txt ... 2007-12-09 20:14
C:\ComboFix3.txt ... 2007-12-09 18:17
.
--- E O F ---
0